From owner-freebsd-questions Thu Feb 1 0: 6:37 2001 Delivered-To: freebsd-questions@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id 14B7937B491 for ; Thu, 1 Feb 2001 00:06:11 -0800 (PST) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.0/8.11.0) id f1185th06172; Thu, 1 Feb 2001 10:05:55 +0200 (EET) (envelope-from ru) Date: Thu, 1 Feb 2001 10:05:55 +0200 From: Ruslan Ermilov To: David Erickson Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Freebsd and NATD of ip-protocol-50 Message-ID: <20010201100555.A4986@sunbay.com> Mail-Followup-To: David Erickson , freebsd-questions@FreeBSD.ORG References: <000e01c08c18$1c80f110$0a02a8c0@columbia.mentis.org> <20010201094457.A3621@sunbay.com> <001101c08c23$87cda840$0a02a8c0@columbia.mentis.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <001101c08c23$87cda840$0a02a8c0@columbia.mentis.org>; from erickson@mddsg.com on Thu, Feb 01, 2001 at 02:49:39AM -0500 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG OK, I took a look at the RELENG_3 libalias(3) sources, and it does not contain the recent additions I have made to it that would make this sort of things work. Libalias only handles a limited set of protocols there, not providing any kind of fallback. Possible solutions: 1) upgrade to the recent stable version of FreeBSD (4.2-STABLE at the moment) 2) grab the src/lib/libalias and src/sbin/natd from a recent version of FreeBSD (both -CURRENT and -STABLE sources should compile and work fine on RELENG_3) On Thu, Feb 01, 2001 at 02:49:39AM -0500, David Erickson wrote: > Yes > ----- Original Message ----- > From: "Ruslan Ermilov" > To: "David Erickson" > Cc: > Sent: Thursday, February 01, 2001 2:44 AM > Subject: Re: Freebsd and NATD of ip-protocol-50 > > > > On Thu, Feb 01, 2001 at 01:27:54AM -0500, David Erickson wrote: > > > > > > I am running Freebsd 3.5-STABLE. I am trying to do a static NAT > > > translate to a real internet address from one of my machines on the > > > internal lan to the Checkpoint firewall at work which uses > > > ip-protocol-50. When I look at natd with the -v flag it doesn't > > > translate my internal address to the external address. All other tcp > > > and udp translations occur normally though. Any ideas on how I can > > > get this to work? I connect normally when doing this behind a cisco > > > router running nat in my tests. So Im pretty sure my problem here is > > > natd. Any help would be appreciated. Please email me directly at > > > erickson@mddsg.com > > > > > Do you have the ``divert natd esp from ... to ...'' rule? -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message